Skip to content

Malware Trends: What’s Old Is Still New “The Unexpected Benefits of Exercise: Uncovering the Surprising Advantages of Working Out” “Unbelievable! Discover the Unexpected Benefits of Exercise Now!”

Cybercrime is one of the world’s most profitable illicit industries, with threat actors using existing infrastructure and older threats to maximize their Return on Investment (ROI). Code reuse is a common tactic among cybercriminals, where old code is retrofitted into new versions of malware. One of the most notorious examples of code reuse is Emotet,… 

Google Suspends Chinese Shopping App Amid Security Concerns

Google Suspends Chinese Shopping App Amid Security Concerns Google has taken swift action to suspend the Chinese shopping app, Pinduoduo, from the Google Play store due to security concerns. Reports suggest that the app could potentially be used to spy on users in the United States, adding to the already high tensions between the two… 

New ‘GoBruteforcer’ Botnet Targets Web Servers “The Surprising Benefits of Gardening: Uncovering the Joys of Planting and Growing” “Unlock the Unexpected Joys of Gardening: Discover the Benefits of Planting and Growing!”

A recently identified Golang-based botnet has been identified by Palo Alto Networks, targeting web servers running FTP, MySQL, phpMyAdmin, and Postgres services. Dubbed GoBruteforcer and hosted on a legitimate domain, the malware targets multiple architectures and deploys an internet relay chat (IRC) bot on a compromised server. The malware spreads using CIDR block scanning to… 

Jenkins Server Vulnerabilities Chained for Remote Code Execution  “The Unexpected Benefits of Working Remotely: How Working from Home Can Boost Your Career” “Discover the Unforeseen Advantages of Working From Home: Enhance Your Career with Remote Employment!”

Cybersecurity firm Aqua Security warns that two recently patched vulnerabilities affecting Jenkins servers, tracked as CVE-2023-27898 and CVE-2023-27905, can be chained together to achieve remote code execution. The first vulnerability is a high-severity XSS bug that affects Jenkins versions 2.270 through 2.393 and long-term support (LTS) releases 2.277.1 through 2.375.3. The vulnerability exists because Jenkins…